Which of the following controls is an example of non-technical controls?

• A.Access control
• B.Physical security
• C.Intrusion detection system
• D.Encryption
• E.Explanation:
  Physical security is an example of non-technical control. It comes under the family of operational controls.

Comment: *

Name: *

Email: *

Verification: *

The PRIMARY purpose of IT control status reporting is to:

• A.ensure compliance with IT governance strategy.
• B.assist internal audit in evaluating and initiating remediation efforts.
• C.facilitate the comparison of the current and desired states.
• D.benchmark IT controls with Industry standards.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important objective of embedding risk management practices into the initiation phase of the project management life cycle?

• A.To assess risk throughout the project
• B.To deliver projects on time and on budget
• C.To assess inherent risk
• D.To include project risk in the enterprise-wide IT risk profit.

Comment: *

Name: *

Email: *

Verification: *

A risk practitioner is developing a set of bottom-up IT risk scenarios. The MOST important time to involve business stakeholders is when:

• A.identifying risk mitigation controls
• B.documenting the risk scenarios
• C.validating the risk scenarios
• D.updating the risk register

Comment: *

Name: *

Email: *

Verification: *

Ben is the project manager of the CMH Project for his organization. He has identified a risk that has a low probability of happening, but the impact of the risk event could save the project and the organization with a significant amount of capital. Ben assigns Laura to the risk event and instructs her to research the time, cost, and method to improve the probability of the positive risk event. Ben then communicates the risk event and response to management. What risk response has been used here?

• A.Transference
• B.Enhance
• C.Exploit
• D.Sharing
• E.Explanation:
  Enhance is a risk response to improve the conditions to ensure the risk event occurs. Risk enhancement raises the probability of an opportunity to take place by focusing on the trigger conditions of the opportunity and optimizing the chances. Identifying and maximizing input drivers of these positive-impact risks may raise the probability of their occurrence.

Comment: *

Name: *

Email: *

Verification: *